A Method to Design Information Security Feedback Using Patterns and HCI-Security Criteria

  • Jaime Muñoz-Arteaga
  • Ricardo Mendoza González
  • Miguel Vargas Martin
  • Jean Vanderdonckt
  • Francisco Álvarez-Rodriguez
  • Juan González Calleros
Conference paper

Abstract

To design the user interface of a secure interactive application, a method is provided that guides designers in designing adequate security information feedback using a library of user-interface design patterns that integrate security and usability. The resulting feedback is then evaluated against a set of design/evaluation criteria called human–computer interaction for security (HCI-S). In this way, notifications combining the visual and auditory channels required to achieve effective feedback in case of a security issue are explicitly incorporated in the development life cycle.

Keywords

  • Design Pattern
  • Traffic Light
  • Security Feature
  • Final User
  • Development Life Cycle

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer-Verlag London Limited 2009

Authors and Affiliations

  • Jaime Muñoz-Arteaga (1)
  • Ricardo Mendoza González (1)
  • Miguel Vargas Martin (1)
  • Jean Vanderdonckt (1)
  • Francisco Álvarez-Rodriguez (1)
  • Juan González Calleros (1)

  1. Universidad Autónoma de Aguascalientes, Centro de Ciencias Básicas, Av. Universidad, Mexico